How to make a read-only user for Linux?

D

DVoropaev2019-11-02 10:25:54

linux

DVoropaev, 2019-11-02 10:25:54

The goal is to make an account for demo access so that:
1) while the user cannot make any changes and even write to his home folder.
2) could easily execute commands for diagnosing ping, cat, grep... (again, without making changes to the system)
3) had access to read all files and folders (I don’t store secrets on the server)

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Artem @Jump, 2019-11-02
Tag

And sense to forbid to write in house? This will severely limit his work, making it impossible in many cases. And it's not difficult, the rights to the folder and that's it.

K

Karpion, 2019-11-03
@Karpion

Well, I would solve the problem by running the shell. Those. the user does not get to the command line, but to the shell, where there are only such commands. The shell is menu, with a choice from the proposed.
It seems that there are shells in which you can stupidly set a set of commands available to the patient. And he can't do anything else.
Another good way to pack a patient is chroot. But there he needs to provide an environment - a set of programs and libraries he needs. Difficult, dreary and protects so-so.